I have the following connection properties.
Connection Name: MyConnection
UserName : Scott
password : password
Now I want to create a user using the above connection. The query I tried to execute was,
CREATE USER demo IDENTIFIED BY demo;
but I got the error stating that
"insufficient privileges".
An attempt was made to change the current username or password
without the appropriate privilege.
May I know how to create the user.
To create a new user, you should connect as a account with DBA privileges, or the System user if there isn't a named DBA user.
Related
From the SQL Plus, When adding "AS SYSADMIN" after the user name:
UserName AS SYSADMIN
I am able to log on after entering my password
but if I just do the user name:
UserName
I get the following error message:
ORA-01017: invalid username/password; logon denied
I need to log on just with the username so that I can configure JetBrains DataGrip
The AS SYSxxx roles are system privileges that should not be overused, as you appear to have correctly surmised. Typically these roles have a separate authentication source than the normal user account - in other words they may have their own password, which is generally stored in a separate location.
Try this:
While logged in as SYSADMIN, reset the user's password with an ALTER USER [username] IDENTIFIED BY [password]; command.
Log out.
Log in as the user, without AS SYSADMIN, using the new password value.
You should still be able to log in AS SYSADMIN using the old password. To sync them, have someone with SYSDBA privilege regrant the SYSADMIN privilege to your user. If you are working in an Oracle RAC configuration, repeat the grant once on each cluster node, as the external password file is only updated on the local instance when the grant is issued.
I am migrating this Oracle command to PostgreSQL:
GRANT CREATE SESSION TO user;
Please suggest to me how I can migrate the above command.
There are three steps:
It has to be a login role
ALTER ROLE theuser LOGIN;
There has to be an entry in pg_hba.conf that matches the incoming connection by that user.
The user has to have the CONNECT privilege on the database.
How do I create a new user and give him access to ORCL database in oracle 10 g (TOAD/SQL Developer/SQL Plus). I tried to do this in SQL Developer, but when I try to login with the newly created user, it says "Insufficient privileges"
I think you might be confused between database and schema. Also, remember, user and schema are synonymous. A schema contains the set of objects owned by the user. Other than that, they are similar.
What you need to do is:
SQL> create user test_new identified by test_new;
User created.
SQL> grant create session to test_new;
Grant succeeded.
SQL> conn test_new/test_new#pdborcl;
Connected.
SQL> show user
USER is "TEST_NEW"
Above example shows how to create a user, grant create session privilege just to make sure user is at least able to connect. You would obviously need more privileges for the user to do further tasks.
Usually, you would create roles and grant required privileges to the roles. And then assign the role to a user.
UPDATE
Per the comments, OP is unable to connect via SQL*Developer.
but when I try to login into the SQLDeveloper i get error message Insufficient privileges when Role is set to SysDba
You should not use SYSDBA for a normal user other than SYS.
ORA-01017: invalid username/password; logon denied
Either your username or the password is incorrect. In SQL*Developer you need to correctly provide the
username
password
hostname
port
service_name
Test the connection, if it is success, start using it.
I just installed Oracle 11g R2 on windows 7 machine. I am able to login using my sys as sysdba account.
Using the sys account I created a user as follows
create user testuser identified by testuser;
When I try to connect to database with testuser as Normal user it says that 'user testuser lacks CREATE SESSION privilege; logon denied' which is understandable since I have not granted any permissions so far to testuser.
But when I try to login to database using testuser as sysdba, it allows me to connect to database and the selected schema seems to me as SYS schema.
Is there something I am missing because I think user testuser should not be able to even login let alone login to SYS schema. I have also found that I can connect as sysdba with any username regardless of if it is present in the database.
How can I create a regular oracle user which does not have access to any other schema?
Your windows user is part of the dba group (oradba). It uses Windows authentification to connect as sysdba. See this thread on AskTom:
"as sysdba" is extremely powerful, it uses OS AUTHENTICATION, it does
not require database authentication (it is used to login before there
is a "database" or even an "instance"!)
As a member of the dba group, you can login as sysdba with any database user. You can even login without a user: sqlplus / as sysdba.
This is how I would normally create a new user:
create user &1
identified by &2
default tablespace &3
temporary tablespace &4;
grant connect, resource to &1;
grant alter session to &1;
** get the picture; also include other default privileges like "create ... " : sequence, synonym, table, view, database link select_catalog_role etc.
How can I grant 'select' on sequence to user in another database.
the syntax: grant select on SEQ_NAME to USER_NAME;
allowed only to users in the same database.
You remote user first needs to have some way to connect to your database. In Oracle this is done by creating a database link. The database link has to be created in the remote database and has to connect to your database.
In the connect definition to your database, a user can be specified to use for the connection in your database. That user needs to have the select privilege.
If there is no user specified in the database link definition, the remote user name will connect to your database using the same name as the remote username, using the same password.
So, in both cases the privilege has to be granted to a user in your database.
create database link to_my_database connect to guest_in_my_database identified by 'bigsecret' using tns_alias_to_my_database;
In this example, you need to grant to guest_in_my_database, after it has been created and given at least the create session privilege.